Thu Mar 28 15:03:22 2024
EVENTS
 FREE
SOFTWARE
INSTITUTE

POLITICS
JOBS
MEMBERS'
CORNER

MAILING
LIST

NYLXS Mailing Lists and Archives
NYLXS Members have a lot to say and share but we don't keep many secrets. Join the Hangout Mailing List and say your peice.

DATE 2008-07-01

HANGOUT

2024-03-28 | 2024-02-28 | 2024-01-28 | 2023-12-28 | 2023-11-28 | 2023-10-28 | 2023-09-28 | 2023-08-28 | 2023-07-28 | 2023-06-28 | 2023-05-28 | 2023-04-28 | 2023-03-28 | 2023-02-28 | 2023-01-28 | 2022-12-28 | 2022-11-28 | 2022-10-28 | 2022-09-28 | 2022-08-28 | 2022-07-28 | 2022-06-28 | 2022-05-28 | 2022-04-28 | 2022-03-28 | 2022-02-28 | 2022-01-28 | 2021-12-28 | 2021-11-28 | 2021-10-28 | 2021-09-28 | 2021-08-28 | 2021-07-28 | 2021-06-28 | 2021-05-28 | 2021-04-28 | 2021-03-28 | 2021-02-28 | 2021-01-28 | 2020-12-28 | 2020-11-28 | 2020-10-28 | 2020-09-28 | 2020-08-28 | 2020-07-28 | 2020-06-28 | 2020-05-28 | 2020-04-28 | 2020-03-28 | 2020-02-28 | 2020-01-28 | 2019-12-28 | 2019-11-28 | 2019-10-28 | 2019-09-28 | 2019-08-28 | 2019-07-28 | 2019-06-28 | 2019-05-28 | 2019-04-28 | 2019-03-28 | 2019-02-28 | 2019-01-28 | 2018-12-28 | 2018-11-28 | 2018-10-28 | 2018-09-28 | 2018-08-28 | 2018-07-28 | 2018-06-28 | 2018-05-28 | 2018-04-28 | 2018-03-28 | 2018-02-28 | 2018-01-28 | 2017-12-28 | 2017-11-28 | 2017-10-28 | 2017-09-28 | 2017-08-28 | 2017-07-28 | 2017-06-28 | 2017-05-28 | 2017-04-28 | 2017-03-28 | 2017-02-28 | 2017-01-28 | 2016-12-28 | 2016-11-28 | 2016-10-28 | 2016-09-28 | 2016-08-28 | 2016-07-28 | 2016-06-28 | 2016-05-28 | 2016-04-28 | 2016-03-28 | 2016-02-28 | 2016-01-28 | 2015-12-28 | 2015-11-28 | 2015-10-28 | 2015-09-28 | 2015-08-28 | 2015-07-28 | 2015-06-28 | 2015-05-28 | 2015-04-28 | 2015-03-28 | 2015-02-28 | 2015-01-28 | 2014-12-28 | 2014-11-28 | 2014-10-28 | 2014-09-28 | 2014-08-28 | 2014-07-28 | 2014-06-28 | 2014-05-28 | 2014-04-28 | 2014-03-28 | 2014-02-28 | 2014-01-28 | 2013-12-28 | 2013-11-28 | 2013-10-28 | 2013-09-28 | 2013-08-28 | 2013-07-28 | 2013-06-28 | 2013-05-28 | 2013-04-28 | 2013-03-28 | 2013-02-28 | 2013-01-28 | 2012-12-28 | 2012-11-28 | 2012-10-28 | 2012-09-28 | 2012-08-28 | 2012-07-28 | 2012-06-28 | 2012-05-28 | 2012-04-28 | 2012-03-28 | 2012-02-28 | 2012-01-28 | 2011-12-28 | 2011-11-28 | 2011-10-28 | 2011-09-28 | 2011-08-28 | 2011-07-28 | 2011-06-28 | 2011-05-28 | 2011-04-28 | 2011-03-28 | 2011-02-28 | 2011-01-28 | 2010-12-28 | 2010-11-28 | 2010-10-28 | 2010-09-28 | 2010-08-28 | 2010-07-28 | 2010-06-28 | 2010-05-28 | 2010-04-28 | 2010-03-28 | 2010-02-28 | 2010-01-28 | 2009-12-28 | 2009-11-28 | 2009-10-28 | 2009-09-28 | 2009-08-28 | 2009-07-28 | 2009-06-28 | 2009-05-28 | 2009-04-28 | 2009-03-28 | 2009-02-28 | 2009-01-28 | 2008-12-28 | 2008-11-28 | 2008-10-28 | 2008-09-28 | 2008-08-28 | 2008-07-28 | 2008-06-28 | 2008-05-28 | 2008-04-28 | 2008-03-28 | 2008-02-28 | 2008-01-28 | 2007-12-28 | 2007-11-28 | 2007-10-28 | 2007-09-28 | 2007-08-28 | 2007-07-28 | 2007-06-28 | 2007-05-28 | 2007-04-28 | 2007-03-28 | 2007-02-28 | 2007-01-28 | 2006-12-28 | 2006-11-28 | 2006-10-28 | 2006-09-28 | 2006-08-28 | 2006-07-28 | 2006-06-28 | 2006-05-28 | 2006-04-28 | 2006-03-28 | 2006-02-28 | 2006-01-28 | 2005-12-28 | 2005-11-28 | 2005-10-28 | 2005-09-28 | 2005-08-28 | 2005-07-28 | 2005-06-28 | 2005-05-28 | 2005-04-28 | 2005-03-28 | 2005-02-28 | 2005-01-28 | 2004-12-28 | 2004-11-28 | 2004-10-28 | 2004-09-28 | 2004-08-28 | 2004-07-28 | 2004-06-28 | 2004-05-28 | 2004-04-28 | 2004-03-28 | 2004-02-28 | 2004-01-28 | 2003-12-28 | 2003-11-28 | 2003-10-28 | 2003-09-28 | 2003-08-28 | 2003-07-28 | 2003-06-28 | 2003-05-28 | 2003-04-28 | 2003-03-28 | 2003-02-28 | 2003-01-28 | 2002-12-28 | 2002-11-28 | 2002-10-28 | 2002-09-28 | 2002-08-28 | 2002-07-28 | 2002-06-28 | 2002-05-28 | 2002-04-28 | 2002-03-28 | 2002-02-28 | 2002-01-28 | 2001-12-28 | 2001-11-28 | 2001-10-28 | 2001-09-28 | 2001-08-28 | 2001-07-28 | 2001-06-28 | 2001-05-28 | 2001-04-28 | 2001-03-28 | 2001-02-28 | 2001-01-28 | 2000-12-28 | 2000-11-28 | 2000-10-28 | 2000-09-28 | 2000-08-28 | 2000-07-28 | 2000-06-28 | 2000-05-28 | 2000-04-28 | 2000-03-28 | 2000-02-28 | 2000-01-28 | 1999-12-28

Key: Value:

Key: Value:

MESSAGE
DATE 2008-07-25
FROM Ruben Safir
SUBJECT Subject: [NYLXS - HANGOUT] [rick@linuxmafia.com: [conspire] DNS vulnerability details]
----- Forwarded message from Rick Moen -----

Date: Wed, 23 Jul 2008 15:03:53 -0700
From: Rick Moen
To: conspire-at-linuxmafia.com
X-Mas: Bah humbug.
User-Agent: Mutt/1.5.11+cvs20060403
X-BeenThere: conspire-at-linuxmafia.com
X-Mailman-Version: 2.1.8rc1
Precedence: list
List-Id: "Local mailing list for the CABAL Linux user group."

List-Unsubscribe: ,

List-Archive:
List-Post:
List-Help:
List-Subscribe: ,

Errors-To: conspire-bounces-at-linuxmafia.com
X-EximConfig: v2.0 on linuxmafia.com (http://www.jcdigita.com/eximconfig)
X-SA-Exim-Connect-IP: 127.0.0.1
X-SA-Exim-Mail-From: conspire-bounces-at-linuxmafia.com
X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on linuxmafia.com
X-Spam-Level:
X-Spam-Status: No, score=-2.6 required=4.0 tests=BAYES_00,SPF_HELO_PASS
autolearn=unavailable version=3.1.1
Subject: [conspire] DNS vulnerability details
X-SA-Exim-Version: 4.2.1 (built Mon, 27 Mar 2006 13:42:28 +0200)


Transcribed from http://amd.co.at/dns.htm and character-coding errors
fixed. (Site says the post will expire, there, in a few hours, though
the author seems to be making an effort to keep renewing it.)





Reliable DNS Forgery in 2008: Kaminsky's Discovery
from Matasano Chargen by ecopeland


0.
The cat is out of the bag. Yes, Halvar Flake figured out the flaw Dan
Kaminsky will announce at Black Hat.


1.
Pretend for the moment that you know only the basic function of DNS --
that it translates WWW.VICTIM.COM into 1.2.3.4. The code that does this
is called a resolver. Each time the resolver contacts the DNS to
translate names to addresses, it creates a packet called a query. The
exchange of packets is called a transaction. Since the number of packets
flying about on the internet requires scientific notation to express,
you can imagine there has to be some way of not mixing them up.

Bob goes to to a deli, to get a sandwich. Bob walks up to the counter,
takes a pointy ticket from a round red dispenser. The ticket has a
number on it. This will be Bob's unique identifier for his sandwich
acquisition transaction. Note that the number will probably be used
twice -- once when he is called to the counter to place his order and
again when he's called back to get his sandwich. If you're wondering,
Bob likes ham on rye with no onions.

If you've got this, you have the concept of transaction IDs, which are
numbers assigned to keep different transactions in order. Conveniently,
the first sixteen bits of a DNS packet is just such a unique identifier.
It's called a query id (QID). And with the efficiency of the deli, the
QID is used for multiple transactions.

2.
Until very recently, there were two basic classes of DNS
vulnerabilities. One of them involves mucking about with the QID in DNS
packets and the other requires you to know the Deep Magic. First, QIDs.

Bob's a resolver and Alice is a content DNS server. Bob asks Alice for
the address of WWW.VICTIM.COM. The answer is 1.2.3.4. Mallory would like
the answer to be 6.6.6.0. It is a (now not) secret shame of mine that
for a great deal of my career, creating and sending packets was, to me,
Deep Magic. Then it became part of my job, and I learned that it is
surprisingly trivial. So put aside the idea that forging IP packets is
the hard part of poisoning DNS. If I'm Mallory and I'm attacking Bob,
how can he distinguish my packets from Alice's? Because I can't see the
QID in his request, and the QID in my response won't match. The QID is
the only thing protecting the DNS from Mallory (me).

QID attacks began in the olden days, when BIND simply incremented the
QID with every query response. If you can remember 1995, here's a
workable DNS attack. Think fast: 9372 + 1. Did you get 9372, or even
miss and get 9373? You win, Alice loses. Mallory sends a constant stream
of DNS responses for WWW.VICTIM.COM. All are quietly discarded -- until
Mallory gets Bob to query for WWW.VICTIM.COM. If Mallory's response gets
to your computer before the legitimate response arrives from your ISP's
name server, you will be redirected where Mallory tells you you're
going.

Obvious fix: you want the QID be randomly generated. Now Alice and
Mallory are in a race. Alice sees Bob's request and knows the QID.
Mallory has to guess it. The first one to land a packet with the correct
QID wins. Randomized QIDs give Alice a big advantage in this race.

But there's a bunch more problems here: * If you convince Bob to ask
Alice the same question 1000 times all at once, and Bob uses a different
QID for each packet, you made the race 1000 times easier for Mallory to
win. * If Bob uses a crappy random number generator, Mallory can get Bob
to ask for names she controls, like WWW.EVIL.COM, and watch how the QIDs
bounce around; eventually, she'll break the RNG and be able to predict
its outputs. * 16 bits just isn't big enough to provide real security at
the traffic rates we deal with in 2008.

Your computer's resolver is probably a stub. Which means it won't really
save the response. You don't want it to. The stub asks a real DNS
server, probably run by your ISP. That server doesn't know everything.
It can't, and shouldn't, because the whole idea of DNS is to compensate
for the organic and shifting nature of internet naming and addressing.
Frequently, that server has to go ask another, and so on. The cool kids
call this "recursion".

Responses carry another value, too, called a time to live (TTL). This
number tells your name server how long to cache the answer. Why?
Because they deal with zillions of queries. Whoever wins the race
between Alice and Mallory, their answer gets cached. All subsequent
responses will be dropped. All future requests for that same data,
within the TTL, come from that answer. This is good for whoever wins the
race. If Alice wins, it means Mallory can't poison the cache for that
name. If Mallory wins, the next 10,000 or so people that ask that cache
where WWW.VICTIM.COM is go to 6.6.6.0.


3.
Then there's that other set of DNS vulnerabilities. These require you to
pay attention in class. They haven't really been talked about since
1997. And they're hard to find, because you have to understand how DNS
works. In other words, you have to be completely crazy. Lazlo Hollyfeld
crazy. I'm speaking of course of RRset poisoning.

DNS has a complicated architecture. Not only that, but not all name
servers run the same code. So not all of them implement DNS in exactly
the same way. And not only that, but not all name servers are configured
properly.

I just described a QID attack that poisons the name server's cache.
This attack requires speed, agility and luck, because if the "real"
answer happens to arrive before your spoofed one, you're locked out.

Fortunately for those of you that have a time machine, some versions of
DNS provide you with another way to poison the name server's cache
anyway. To explain it, I will have to explain more about the format of a
DNS packet.

DNS packets are variable in length and consist of a header, some flags
and resource records (RRs). RRs are where the goods ride around. There
are up to three sets of RRs in a DNS packet, along with the original
query. These are: * Answer RRs, which contain the answer to whatever
question you asked (such as the A record that says WWW.VICTIM.COM is
1.2.3.4) * Authority RRs, which tell resolvers which name servers to
refer to to get the complete answer for a question * Additional RRs,
sometimes called "glue", which contain any additional information needed
to make the response effective. A word about the Additional RRs. Think
about an NS record, like the one that COM's name server uses to tell us
that, to find out where WWW.VICTIM.COM is, you have to ask
NS1.VICTIM.COM. That's good to know, but it's not going to help you
unless you know where to find NS1.VICTIM.COM. Names are not addresses.
This is a chicken and egg problem. The answer is, you provide both the
NS record pointing VICTIM.COM to NS1.VICTIM.COM, and the A record
pointing NS1.VICTIM.COM to 1.2.3.1.

Now, let's party like it's 1995.

Download the source code for a DNS implementation and hack it up such
that every time it sends out a response, it also sends out a little bit
of evil -- an extra Additional RR with bad information. Then let's set
up an evil server with it, and register it as EVIL.COM. Now get a bunch
of web pages up with IMG tags pointing to names hosted at that server.
Bob innocently loads up a page with the malicious tags which coerces his
browser into resolving that name. Bob asks Alice to resolve that name.
Here comes recursion: eventually the query arrives at our evil server.
Which sends back a response with an unexpected (evil) Additional RR. If
Alice's cache honors the unexpected record, it's 1995 - buy CSCO!
- and you just poisoned their cache. Worse, it will replace the "real"
data already in the cache with the fake data. You asked where
WWW.EVIL.COM was (or rather, the image tags did). But Alice also "found
out" where WWW.VICTIM.COM was: 6.6.6.0. Every resolver that points to
that name server will now gladly forward you to the website of the
beast.


4.
It's not 1995. It's 2008. There are fixes for the attacks I have
described.

Fix 1:

The QID race is fixed with random IDs, and by using a strong random
number generator and being careful with the state you keep for queries.
16 bit query IDs are still too short, which fills us with dread. There
are hacks to get around this. For instance, DJBDNS randomizes the source
port on requests as well, and thus won't honor responses unless they
come from someone who guesses the ~16 bit source port. This brings us
close to 32 bits, which is much harder to guess.

Fix 2:

The RR set poisoning attack is fixed by bailiwick checking, which is a
quirky way of saying that resolvers simply remember that if they're
asking where WWW.VICTIM.COM is, they're not interested in caching a new
address for WWW.GOOGLE.COM in the same transaction.

Remember how these fixes work. They're very important.

And so we arrive at the present day.


5.
Let's try again to convince Bob that WWW.VICTIM.COM is 6.6.6.0. This
time though, instead of getting Bob to look up WWW.VICTIM.COM and then
beating Alice in the race, or getting Bob to look up WWW.EVIL.COM and
slipping strychnine into his ham sandwich, we're going to be clever
(sneaky).

Get Bob to look up AAAAA.VICTIM.COM. Race Alice. Alice's answer is
NXDOMAIN, because there's no such name as AAAAA.VICTIM.COM. Mallory has
an answer. We'll come back to it. Alice has an advantage in the race,
and so she likely beats Mallory. NXDOMAIN for AAAAA.VICTIM.COM. Alice's
advantage is not insurmountable. Mallory repeats with AAAAB.VICTIM.COM.
Then AAAAC.VICTIM.COM. And so on. Sometime, perhaps around
CXOPQ.VICTIM.COM, Mallory wins! Bob believes CXOPQ.VICTIM.COM is
6.6.6.0!

Poisoning CXOPQ.VICTIM.COM is not super valuable to Mallory. But Mallory
has another trick up her sleeve. Because her response didn't just say
CXOPQ.VICTIM.COM was 6.6.6.0. It also contained Additional RRs pointing
WWW.VICTIM.COM to 6.6.6.0. Those records are in-bailiwick: Bob is in
fact interested in VICTIM.COM for this query. Mallory has combined
attack #1 with attack #2, defeating fix #1 and fix #2. Mallory can
conduct this attack in less than 10 seconds on a fast Internet link.


_______________________________________________
conspire mailing list
conspire-at-linuxmafia.com
http://linuxmafia.com/mailman/listinfo/conspire

----- End forwarded message -----

--
http://www.mrbrklyn.com - Interesting Stuff
http://www.nylxs.com - Leadership Development in Free Software

So many immigrant groups have swept through our town that Brooklyn, like Atlantis, reaches mythological proportions in the mind of the world - RI Safir 1998

http://fairuse.nylxs.com DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002

"Yeah - I write Free Software...so SUE ME"

"The tremendous problem we face is that we are becoming sharecroppers to our own cultural heritage -- we need the ability to participate in our own society."

"> I'm an engineer. I choose the best tool for the job, politics be damned.<
You must be a stupid engineer then, because politcs and technology have been attached at the hip since the 1st dynasty in Ancient Egypt. I guess you missed that one."

© Copyright for the Digital Millennium

  1. 2008-07-01 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] C programming Workshop part II
  2. 2008-07-01 swd <sderrick-at-optonline.net> Re: [NYLXS - HANGOUT] Need to get rid of a whole bunch of programming
  3. 2008-07-01 email <ray-pub-at-rcn.com> Re: [NYLXS - HANGOUT] Need to get rid of a whole bunch of programming
  4. 2008-07-01 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] Need to get rid of a whole bunch of programming books. TALK ABOUT FREE SOFTWARE!!!
  5. 2008-07-01 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] Gates: Windows really sucks
  6. 2008-07-01 email <ray-pub-at-rcn.com> Re: [NYLXS - HANGOUT] Need to get rid of a whole bunch of programming
  7. 2008-07-02 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] [david-at-thekramers.net: Fedora 9 X dual screen problems]
  8. 2008-07-02 swd <sderrick-at-optonline.net> Re: [NYLXS - HANGOUT] Need to get rid of a whole bunch of programming
  9. 2008-07-02 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] C++ Workshop 2 (section 2.1)
  10. 2008-07-03 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] C++ Workshop 2.1
  11. 2008-07-03 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] July 4th
  12. 2008-07-03 Shoshana Rivka Safir <shani-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] Post high school jobs or internships?
  13. 2008-07-03 meg7-at-nyu.edu Re: [NYLXS - HANGOUT] July 4th
  14. 2008-07-03 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] July 4th
  15. 2008-07-03 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] July 4th
  16. 2008-07-03 From: "Ronny Abraham" <ronny.coder-at-gmail.com> Re: [NYLXS - HANGOUT] Post high school jobs or internships?
  17. 2008-07-03 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] C++ Workshop 2.3
  18. 2008-07-03 From: "Michael L. Richardson" <mlr52-at-michaellrichardson.com> Re: [NYLXS - HANGOUT] Post high school jobs or internships?
  19. 2008-07-04 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] [alan-at-patriot.net: [Dclug] Our Fourth Amendment]
  20. 2008-07-04 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] 4th of July Plans
  21. 2008-07-04 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] Workshops
  22. 2008-07-05 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] Might be time for a visit to Congress again
  23. 2008-07-05 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  24. 2008-07-05 From: "Michael L. Richardson" <mlr52-at-mycouponmagic.com> Re: [NYLXS - HANGOUT] Workshops
  25. 2008-07-05 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] Workshops
  26. 2008-07-06 From: "Ronny Abraham" <ronny.coder-at-gmail.com> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  27. 2008-07-07 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] [meissner-at-suse.de: [security-announce] SUSE Security Announcement: Linux kernel (SUSE-SA:2008:031)]
  28. 2008-07-07 Mark Simko <msimko-at-optonline.net> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  29. 2008-07-07 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] [meissner-at-suse.de: [security-announce] SUSE Security Announcement: Linux kernel (SUSE-SA:2008:032)]
  30. 2008-07-07 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  31. 2008-07-07 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  32. 2008-07-07 Mark Simko <msimko-at-optonline.net> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  33. 2008-07-07 Mark Simko <msimko-at-optonline.net> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  34. 2008-07-07 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  35. 2008-07-07 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  36. 2008-07-07 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  37. 2008-07-07 Mark Simko <msimko-at-optonline.net> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  38. 2008-07-07 Mark Simko <msimko-at-optonline.net> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  39. 2008-07-07 From: "Ronny Abraham" <ronny.coder-at-gmail.com> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  40. 2008-07-07 Ron Guerin <ron-at-vnetworx.net> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  41. 2008-07-07 From: "Ronny Abraham" <ronny.coder-at-gmail.com> Re: [NYLXS - HANGOUT] Post high school jobs or internships?
  42. 2008-07-07 From: "Ronny Abraham" <ronny.coder-at-gmail.com> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  43. 2008-07-07 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] [nyc-at-workatjelly.com: Jelly in Manhattan this Friday, 7/11]
  44. 2008-07-07 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  45. 2008-07-07 Ron Guerin <ron-at-vnetworx.net> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  46. 2008-07-07 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  47. 2008-07-07 From: "Ronny Abraham" <ronny.coder-at-gmail.com> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  48. 2008-07-08 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  49. 2008-07-08 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  50. 2008-07-08 Mark Simko <msimko-at-optonline.net> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  51. 2008-07-08 From: "Ronny Abraham" <ronny.coder-at-gmail.com> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  52. 2008-07-08 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  53. 2008-07-08 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  54. 2008-07-08 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  55. 2008-07-08 From: "Ronny Abraham" <ronny.coder-at-gmail.com> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  56. 2008-07-08 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] Maybe its because lindows just sucked
  57. 2008-07-08 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] ASUS/GNU
  58. 2008-07-08 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] While we're on this topic
  59. 2008-07-08 From: "Tameek" <tameek-at-gmail.com> Re: [NYLXS - HANGOUT] [nyc-at-workatjelly.com: Jelly in Manhattan this Friday, 7/11]
  60. 2008-07-08 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] [nyc-at-workatjelly.com: Jelly in Manhattan this Friday, 7/11]
  61. 2008-07-09 email <ray-pub-at-rcn.com> Re: [NYLXS - HANGOUT] [nyc-at-workatjelly.com: Jelly in Manhattan this
  62. 2008-07-09 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] Installfest this weekend?
  63. 2008-07-09 email <ray-pub-at-rcn.com> Re: [NYLXS - HANGOUT] Installfest this weekend?
  64. 2008-07-09 Mark Simko <msimko-at-optonline.net> Re: [NYLXS - HANGOUT] Post high school jobs or internships?
  65. 2008-07-12 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] Installfest this weekend?
  66. 2008-07-12 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] GNU/Linux INSTALLFEST/HACKFEST NYC Local
  67. 2008-07-12 Contrarian <adrba-at-nyct.net> Subject: [NYLXS - HANGOUT] "Gates of Vienna" blog averts DMCA prosecution
  68. 2008-07-14 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] Re: Linux on the desktop - it's come a long way, but is it there yet?
  69. 2008-07-15 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] so much for Apples Free Software pitch
  70. 2008-07-15 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] grep
  71. 2008-07-15 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] grep
  72. 2008-07-15 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] C++ Workshop 2.2
  73. 2008-07-18 Contrarian <adrba-at-nyct.net> Subject: [NYLXS - HANGOUT] [BrooklynFreeCycle] offer---- old library card catalog file cabinet
  74. 2008-07-18 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] HAckfest/Installfest
  75. 2008-07-18 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] Re: [nylug-talk] HAckfest/Installfest
  76. 2008-07-18 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] Hackfest/Installfest
  77. 2008-07-18 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] Tax Exempy Status
  78. 2008-07-19 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] Installfest/Hackfest Tomorrow
  79. 2008-07-20 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] Installfest/Hackfest
  80. 2008-07-21 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] [notification+zjaayj4y-at-facebookmail.com: "Ted & Amy Supper Club (NYC)" sent you a message on Facebook...]
  81. 2008-07-22 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] C++ Workshop 2.2.3
  82. 2008-07-22 From: "Ronny Abraham" <ronny.coder-at-gmail.com> Re: [NYLXS - HANGOUT] [notification+zjaayj4y-at-facebookmail.com: "Ted & Amy Supper Club (NYC)" sent you a message on Facebook...]
  83. 2008-07-22 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] [notification+zjaayj4y-at-facebookmail.com: "Ted & Amy Supper Club (NYC)" sent you a message on Facebook...]
  84. 2008-07-23 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] C Programming Workshop
  85. 2008-07-23 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] [dalmolin-at-e-cology.ca: [Hardhats] COMMITTEE ON WAYS AND MEANS: Promoting Health IT Hearing]
  86. 2008-07-23 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] C++ Workshop 2.3.4
  87. 2008-07-24 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] Dell GNU Systems
  88. 2008-07-25 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] [rick-at-linuxmafia.com: [conspire] DNS vulnerability details]
  89. 2008-07-25 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] Re: [conspire] DNS vulnerability details
  90. 2008-07-25 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] Re: [conspire] DNS vulnerability details
  91. 2008-07-25 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] Radio Broadcasting
  92. 2008-07-25 prmarino1-at-gmail.com Re: [NYLXS - HANGOUT] [rick-at-linuxmafia.com: [conspire] DNS vulnerability details]
  93. 2008-07-25 prmarino1-at-gmail.com Re: [NYLXS - HANGOUT] [rick-at-linuxmafia.com: [conspire] DNS vulnerability details]
  94. 2008-07-25 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] Re: [conspire] DNS vulnerability details
  95. 2008-07-26 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] unionfs
  96. 2008-07-26 Mark Simko <msimko-at-optonline.net> Re: [NYLXS - HANGOUT] unionfs
  97. 2008-07-26 From: "Michael L. Richardson" <mlr52-at-michaellrichardson.com> Re: [NYLXS - HANGOUT] unionfs
  98. 2008-07-27 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] unionfs
  99. 2008-07-27 Mark Simko <msimko-at-optonline.net> Re: [NYLXS - HANGOUT] unionfs
  100. 2008-07-27 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] unionfs
  101. 2008-07-27 Mark Simko <msimko-at-optonline.net> Re: [NYLXS - HANGOUT] unionfs
  102. 2008-07-27 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] unionfs
  103. 2008-07-28 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] [nyc-at-workatjelly.com: Jelly in Fort Greene Friday, 8/1]
  104. 2008-07-29 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] [Volunteer4-at-JohnMcCain.com: McCain Campaign Internships]
  105. 2008-07-30 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] August Plans
  106. 2008-07-30 From: <tameek-at-gmail.com> RE: [NYLXS - HANGOUT] August Plans
  107. 2008-07-30 From: "Michael L. Richardson" <mlr52-at-michaellrichardson.com> Re: [NYLXS - HANGOUT] August Plans
  108. 2008-07-30 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] August Plans
  109. 2008-07-30 email <ray-pub-at-rcn.com> Re: [NYLXS - HANGOUT] August Plans
  110. 2008-07-30 From: <tameek-at-gmail.com> RE: [NYLXS - HANGOUT] August Plans
  111. 2008-07-30 From: "Michael L. Richardson" <mlr52-at-mycouponmagic.com> Re: [NYLXS - HANGOUT] August Plans
  112. 2008-07-30 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] August Plans
  113. 2008-07-30 From: "Michael L. Richardson" <mlr52-at-michaellrichardson.com> Re: [NYLXS - HANGOUT] August Plans
  114. 2008-07-30 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] August Plans
  115. 2008-07-30 From: <mlr52-at-michaellrichardson.com> Re: [NYLXS - HANGOUT] August Plans
  116. 2008-07-31 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] Time to trash the eeepc
  117. 2008-07-31 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [NYLXS - HANGOUT] KDE really sucks
  118. 2008-07-31 email <ray-pub-at-rcn.com> Re: [NYLXS - HANGOUT] KDE really sucks
  119. 2008-07-31 prmarino1-at-gmail.com Re: [NYLXS - HANGOUT] Time to trash the eeepc
  120. 2008-07-31 prmarino1-at-gmail.com Re: [NYLXS - HANGOUT] Time to trash the eeepc
  121. 2008-07-31 prmarino1-at-gmail.com Re: [NYLXS - HANGOUT] KDE really sucks
  122. 2008-07-31 prmarino1-at-gmail.com Re: [NYLXS - HANGOUT] KDE really sucks
  123. 2008-07-31 From: "Stan Davenport" <stan-at-Etrtechcenter.com> Subject: [NYLXS - HANGOUT] Ruben,Opening On Long Island Near Hicksville RR Linix Developer Any
  124. 2008-07-31 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] KDE really sucks
  125. 2008-07-31 Mark Simko <msimko-at-optonline.net> Re: [NYLXS - HANGOUT] Time to trash the eeepc
  126. 2008-07-31 prmarino1-at-gmail.com Re: [NYLXS - HANGOUT] Time to trash the eeepc
  127. 2008-07-31 prmarino1-at-gmail.com Re: [NYLXS - HANGOUT] Time to trash the eeepc
  128. 2008-07-31 Ruben Safir <ruben-at-mrbrklyn.com> Re: [NYLXS - HANGOUT] Time to trash the eeepc
  129. 2008-07-31 From: <mlr52-at-michaellrichardson.com> Re: [NYLXS - HANGOUT] Time to trash the eeepc
  130. 2008-07-31 prmarino1-at-gmail.com Re: [NYLXS - HANGOUT] Time to trash the eeepc
  131. 2008-07-31 prmarino1-at-gmail.com Re: [NYLXS - HANGOUT] Time to trash the eeepc
  132. 2008-07-31 prmarino1-at-gmail.com Re: [NYLXS - HANGOUT] Time to trash the eeepc
  133. 2008-07-31 prmarino1-at-gmail.com Re: [NYLXS - HANGOUT] Time to trash the eeepc
  134. 2008-07-31 From: <mlr52-at-michaellrichardson.com> Re: [NYLXS - HANGOUT] Time to trash the eeepc

NYLXS are Do'ers and the first step of Doing is Joining! Join NYLXS and make a difference in your community today!